. In other words, while the reported vulnerability could have resulted in unauthorized code execution, it would have been confined to the boundaries of the sandbox, according to Google's release documentation.
Without much fanfare, Google has pushed out an update for Chrome that will seal up two vulnerabilities
which could have posed a serious risk.
One flaw pertained to potentially fraudulent HTTPS sessions, and the more dangerous of the two could be triggered by visiting a maliciously-crafted page with certain XML content. Google has pushed out version 22.214.171.124 of Chrome already, making it available for download to anyone who uses Chrome. If you haven't updated already, it's a good idea to snag it.
Interestingly, Google is crediting how they discovered the flaws. Mozilla's security team was apparently responsible for alerting Google to one problem, and a security researcher was credited with discovering the other. That may be only a small note, but it is encouraging to see browser developers working together in some fashion.